Wellington's Security-Assessment.com says it has found and helped fix two "significant" vulnerabilities in Internet Explorer 8 and Windows XP that could have let hackers gain full control of people's computers.

Security-Assessment is a division of Dimension Data, owned by Japanese telco NTT.

Last year, a security audit it carried out for Work & Income identified flaws in kiosks used by jobseekers that later became a national scandal.

In 2011, when an independent company, Security-Assessment was credited by US authorities with finding bugs in software used to secure the Pentagon.

Dimension Data marketing manager Phil Goodwin said it alerted Microsoft to the issues. Microsoft then deployed a fix for the two vulnerabilities that was distributed to customers through an "automatic update" last Tuesday.

"Dimension Data has no reason to believe that anyone has fallen victim to an attack," he said.

"Microsoft is thorough in its response when vulnerabilities are brought to its attention.

"We are pleased to see that this issue has been addressed and we strongly recommend users apply the patch made available through the Windows Update website."

Goodwin said it got no financial benefit, but its work had been acknowledged by Microsoft on its website.